A Honeypot is Just a Sweet Word for Spam

In the IT world, honeypots have a number of definitions depending on its usage, but with email, a honeypot means one thing – a trap. Honeypots are inactive email addresses set up specifically as a tool to catch spammers red-handed as these emails are not used by real people and therefore never opted-in to any email campaigns. As a result, any mailer that sends to these addresses can be dubbed a spammer.

One of the most common ways that spammers obtain honeypot email addresses is by harvesting email. They do this by:

• Purchasing or trading lists of email addresses from fellow spammers
• Using special software (spambots) to spider websites to source email addresses
• Guessing email addresses using common usernames for each targeted domain
• Offering a product or service for free in exchange for an email address
• Sending malicious email that scans your hard drive or network for email addresses

And the problem is big. Project Honey Pot is a non-profit organization working to track and stop email harvesting. They are currently monitoring over 88 million different spam trap addresses, and have thus far identified almost 140,000 harvesters, over 20 million dictionary attackers, and over 93 million spam servers. They publish a directory of malicious IPs with a breakdown by type – harvester, spam server, dictionary attacker and comment spammers. You can even lookup an IP to see if its suspect.

It’s important to note, that even legitimate mailers can end up with honeypots on their email file. Regardless of your intent, sending unwanted email is a violation of the CAN-SPAM Act. That’s why it’s important for you to:

Author: Carly Brantz

Carly Brantz is a veteran in the email deliverability space working to make email simple and easy for developers by regularly writing whitepapers, research briefs and blog posts about email, technology and industry trends.